<?php

/*
 * Change user password
 *
 * Copyright (C) 2006 Voluna Software. All rights reserved.
 *
 */

	require("pre.inc");

	if ($GLOBALS["userauthenticated"] == 0)
	{
		generic_header(array("title" => _("Your account")));
		dual_begin(array());
		print("<h2><a href=\"/\">" . _("Home") . "</a> / " . _("Your account") . "</h2>\n");
		print("<p>" . _("You have not authenticated yourself to the system yet with your") . " <em>" . _("username") . "</em> " . _("and") . " <em>" . _("password") . "</em>. " .
			_("You will not be able to use this section of the website without authenticating yourself first. So, please continue and login using the form on the right hand side.") . "</p>\n");
		dual_middle(array());
		show_account_details(array());
		dual_end(array());
		generic_footer(array());
		exit;
	}

        global $ldap_usersetpw;

        $ldap_usersetpw = "";

        function ldap_startelement($parser, $name, $attrs)
        {
                global $ldap_usersetpw;

                if ($name == "USER-PASSWORD")
                        $ldap_usersetpw = $attrs["VALUE"];
        }


        function ldap_endelement($parser, $name)
        {
        }

        $ldap_parser = xml_parser_create();
        xml_set_element_handler($ldap_parser, "ldap_startelement", "ldap_endelement");
        $ldap_fp = fopen("/opt/openfiler/etc/ldap.xml", "r");

        while ($ldap_data = fread($ldap_fp, 4096))
                xml_parse($ldap_parser, $ldap_data, feof($ldap_fp));

        fclose($ldap_fp);
        xml_parser_free($ldap_parser);


	if ($_POST["current_password"] && $_POST["new_password"] && $_POST["confirm_new_password"])
	{
		if ($ldap_usersetpw != "YES")
			$message = "<p><span style=\"color: red; background-color: transparent;\">Users are not allowed to set passwords.  Please contact your administrator to have your password changed.</span></p>";
		else if ($GLOBALS["passcookie"] != $_POST["current_password"])
			$message = "<p><span style=\"color: red; background-color: transparent;\">The supplied current-password does not match the user's current password.</span> Did you enter it correctly?</p>";
		else if ($_POST["new_password"] != $_POST["confirm_new_password"])
			$message = "<p><span style=\"color: red; background-color: transparent;\">The supplied new passwords do not match.</span> Please verify that the new-password and confirm-password fields match.</p>";
		else
		{
			$fp = popen("/usr/bin/sudo /usr/bin/passwd --stdin " . escapeshellarg($GLOBALS["usercookie"]), "w");
			fwrite($fp, $_POST["new_password"] . "\n");
			pclose($fp);
			setLDAPpasswd($GLOBALS["usercookie"], $_POST["new_password"]);

			generic_header(array("title" => _("Your account")));
			dual_begin(array());
			print("<p>Your password was changed successfully.</p>");
			dual_middle(array());
			show_account_details(array());
			dual_end(array());
			generic_footer(array());
			exit;
		}

	}

	generic_header(array("title" => _("Your account")));
	single_begin(array());
	print("<h2><a href=\"/\">" . _("Home") . "</a> / " . _("Your account") . "</h2>\n");

?>

<p>Hi <?php print($usercookie); ?>! The following are your account information and preferences, arranged
into tabs. Please click on a tab to open up that category.</p>

<?php
	tab_begin(4, 1, array("Quota", "Password", "Language", "Logout"), array("./", "password.html", "language.html", "logout.html"));
	print($message);
?>
	<form action="password.html" method="post">
	<table cellpadding="10" cellspacing="0" border="0">
	<tr>
		<td>Current Password:</td>
		<td><input name="current_password" type="password"></td>
	</tr>
	<tr>
		<td>New Password:</td>
		<td><input name="new_password" type="password"></td>
	</tr>
	<tr>
		<td>Confirm New Password:</td>
		<td><input name="confirm_new_password" type="password"></td>
	</tr>
	<tr>
		<td colspan="2" align="center"><input name="submit" type="submit" value="Submit"> &nbsp; <input name="reset" type="reset" value="Clear"></td>
	</tr>
	</table>
	</form>
<?php
	tab_end();

	single_end(array());
	generic_footer(array());
?>
